Admin-Scanner – This Tool Is Design To Find Admin Panel Of Any Website By Using Custom Wordlist Or Default Wordlist Easily

Website Admin Panel Finder How To Install (Linux/pc) sudo apt install python3 sudo apt install python3-pip sudo apt install git git clone https://github.com/alienwhatever/Admin-Scanner.git cd Admin-Scanner How to Install (Termux/Android) pkg update && pkg upgrade pkg install python3 pkg install git git clone https://github.com/alienwhatever/Admin-Scanner.git cd Admin-Scanner pip3 install -r requirement.txt Usage author: alienwhatevercredit github.com/bdblackhat for list.txtorginal-source-of-list.txtRead More

Scripthunter – Tool To Find JavaScript Files On Websites

[*] Scripthunter is a tool that finds javascript files for a given website. To scan Google, simply run ./scripthunter.sh https://google.com. Note that it may take a while, which is why scripthunter also implements a notification mechanism to inform you when a scan is finished via Telegram API. Blogpost Setup To install scripthunter, clone this repository.Read More

CRLFMap – A Tool To Find HTTP Splitting Vulnerabilities

CRLFMap is a tool to find HTTP Splitting vulnerabilities Why? I wanted to write a tool in Golang for concurrency I wanted to be able to fuzz both parameters and paths Installation go get github.com/ryandamour/crlfmap Help Available Commands: help Help about any command scan A scanner for all your CRLF needsFlags: -h, –help help forRead More

AES Finder – Utility To Find AES Keys In Running Processes

Utility to find AES keys in running process memory. Works for 128, 192 and 256-bit keys. Usage Open aes-finder.sln solution in Visual Studio 2013 to compile source. Alternatively use gcc/clang: g++ -O3 -march=native -fomit-frame-pointer aes-finder.cpp -o aes-finder To search for keys in process with id = 123, execute following: aes-finder.exe -123 To search for keysRead More

Hardcodes – Find Hardcoded Strings From Source Code

hardcodes is a utility for searching strings hardcoded by developers in programs. It uses a modular tokenizer that can handle comments, any number of backslashes & nearly any syntax you throw at it.Yes, it is designed to process any syntax and following languages are officially supported: ada, applescript, c, c#, c++, coldfusion, golang, haskell, html,Read More

SourceWolf – Amazingly Fast Response Crawler To Find Juicy Stuff In The Source Code!

Tested environments: Windows, MAC, linux, and windows subsystem for linux (WSL) What can SourceWolf do? Crawl through responses to find hidden endpoints, either by sending requests, or from the local response files (if any). Create a list of javascript variables found in the source Extract all the social media links from the websites to identifyRead More

uDork – Tool That Uses Advanced Google Search Techniques To Obtain Sensitive Information In Files Or Directories, Find IoT Devices, Detect Versions Of Web Applications, And So On

uDork is a script written in Bash Scripting that uses advanced Google search techniques to obtain sensitive information in files or directories, find IoT devices, detect versions of web applications, and so on.uDork does NOT make attacks against any server, it only uses predefined dorks and/or official lists from exploit-db.com (Google Hacking Database: https://www.exploit-db.com/google-hacking-database).New functionalRead More

dorkScanner – A Typical Search Engine Dork Scanner Scrapes Search Engines With Dorks That You Provide In Order To Find Vulnerable URLs

A typical search engine dork scanner that scrapes search engines with queries that you provide in order to find vulnerable URLs.IntroductionDorking is a technique used by newsrooms, investigative organisations, security auditors as well as tech savvy criminals to query various search engines for information hidden on public websites and vulnerabilities exposed by public servers. DorkingRead More

SecretFinder – A Python Script For Find Sensitive Data (Apikeys, Accesstoken, JWT…) And Search Anything On Javascript Files

SecretFinder is a python script based on LinkFinder, written to discover sensitive data like apikeys, accesstoken, authorizations, jwt,..etc in JavaScript files. It does so by using jsbeautifier for python in combination with a fairly large regular expression. The regular expressions consists of four small regular expressions. These are responsible for finding and search anything onRead More

X